Talks We Like: John Willis on the Nature of Cyber Security and DevSecOps

Picture of Damon Edwards
Damon Edwards     June 15, 2018 IT Operations

In this edition of Talks We Like, we are highlighting John Willis' talk "The Divine and Felonious Nature of Cyber Security - A DevSecOps Story" from DevOps Days Austin 2018. John gives a sweeping (in 37 minutes) look at where cybersecurity is today and what this "DevSecOps" idea is all about.



The central message is about closing the front door to the vulnerabilities and exploits that continue to fell businesses large and small. What John describes, in his usual entertaining style, isn't about the new technology or attention-grabbing AI that dominates the cybersecurity headlines.

Instead, John makes a case for bringing the work of AppSec into the same tight feedback loops that have helped the rest of a technology organization improve how they operate. In fact, you can read between the lines and see how advancements like AI/ML will fail unless they are brought into fast feedback loops that are being established in the rest of an organization's Dev to Ops pipelines.

Even if you don't see your job as being directly related to cybersecurity, this presentation is worth your while.


What we like about this talk:

  • Excellent overview of the urgency and challenges facing AppSec today.
  • Good examples of the trend towards each part of the IT landscape adopting a software development lifecycle mindset (in this case plugging AppSec into delivery pipelines).
  • The move towards Operations as a Services (like the move towards Continuous Delivery) enables organizations to decouple and move quicker. Integrating security is essential to staying under control while doing so.



New Call-to-action

Damon Edwards

Damon Edwards is a co-founder of Rundeck, Inc. and cares a lot about improving IT operations and how enterprises operate.

Related Posts in Topic